MX Police Blog

Latest news and views

One of the keys to preventing virus outbreaks within an organization is having the latest virus signatures and detection rules in place. Since spam is one of the primary means of spreading malware, this is especially true for email scanners and spam filters.

According to a FBI Crime and Security Survey, 65 percent of companies had been affected by virus attacks during the previous year. This is in spite of the fact that 97 percent of the surveyed companies were using industry-leading virus protection, and following “best practices” like enabling automatic updates. This information highlights the need for overlapping protection. Maintainers of antivirus software respond to new threats at differing rates, and while some are more responsive than others, none are always first or always best at deploying updates.

Utilizing spam filters or other email security solutions which incorporate two or more virus engines increases a company’s chance of early protection when new threats are introduced. It also eliminates the situation where single point of failure might arise, such as when one antivirus vendor’s update network has been compromised or is off-line. Adding complimentary technologies like heuristic analysis and reputation filtering offers the most comprehensive protection.

Running multiple antivirus products on corporate desktops is probably not feasible because of the competition for computing resources and incompatibilities during real-time protection. However, running multiple engines sequentially to scan incoming email at the server level can significantly reduce early exposure to malware while maintaining reasonable throughput.

At the end of 2010, we saw a resurgence of some vintage tactics spammers used three or more years ago to bypass content-based spam filters. In particular, three old ploys were revived for use in conjunction with newer trends (like falsifying alerts from social networking sites) for some fresh spam tactics, as seen in the Commtouch Q4 2010 Internet Threats Trend Report.

The first all-too-familiar tactic spammers revived in recent months is the use of hidden text. Fonts are shrunk down as small as possible and changed to white so as to make them invisible to the reader over an email background. Random typing that’s invisible to the eye but visible to spam filters is inserted in the middle of words that are standard red flags to Bayesian, heuristic, and other content-based spam filters. To the recipient, words simply appear to have sporadic, erroneous spaces in them; to the spam filter, however, those spaces are actually several characters, making the words unrecognizable, and therefore not cause for a block or re-direct into a junk mail folder.

A second tactic seen again at the end of 2010 after some time is the use of Google’s cache tool to sneak spam website links past content-based anti-spam technology. Google is, by default, a white-listed, or acceptable, domain to most spam filters. By going to a website through Google’s cached version link, the resulting URL begins with the Google domain name. By turning this URL into a hot link in an email, many spam filters are accepting, while the recipient is still taken to the spammer’s intended address via a typically seamless redirect.

The third vintage spam tactic enjoying new life since the end of 2010 is known as ASCII art. This refers to the careful arrangement of computer characters (letters, digits, and symbols) to form a larger representation of an image. Just type “ASCII art” in as a Google image search to see plenty of impressive examples. Using ASCII art, spammers can create representations of letters and words without actually typing those words. Hence, content-based spam filters remain unaware of the words and phrases that a human reader will see.

These revived spam tactics underscore the ongoing need in 2011 for an email security system that doesn’t rely solely on content-based methodologies. Effective spam filtering products have a multi-tiered approach that evaluates the validity of an incoming email message based on a variety of factors.

Perhaps you’ve been staggering around, drooling, staring off into space, and pawing without coordination at miscellaneous objects within your reach. Perhaps you’re a zombie. Perhaps it’s Monday morning, Jim’s still lurking around the coffee pot, and the idea of discussing your weekend with Jim makes you twitch with sensations of oncoming spontaneous combustion, so you […]

The internet is becoming more hazardous to daily users, even those who take care to avoid the sort of websites typically associated with malware infections. In fact, malware infections are now considerably more likely to occur by visiting a compromised legitimate website than by opening a web page created to deliver malware, according to the […]

Outgoing email rejections are becoming increasingly common, and while this is good news in the fight against spam, it can hurt your business if your emails are not reaching their intended targets. One reason for the increase in rejections is that growing numbers of incoming mail servers are rejecting emails from outgoing servers without a […]

Testimonials

This new filter is working so great it's kinda eerie
Jason Hamilton
Customer Support Manager
Handel IT

Christopher is a very knowledgeable, reliable guy who will work with you to come up with the best solution to your business needs. He's easy to work with and I highly recommend him.
Tony Wilko
CEO
Infuseweb LLC

Thank you Jason and everybody in IT for signing on with MX Police. From what I can tell after the first day, it does a great job. Very nice!
Even Brande
CEO
Handel IT

I didn't receive any spam. Yahoo! I will read my reports tomorrow when I am in the studio and see if any were marked spam that weren't however at quick glance it is fantastic!!!!!!
Anne Brande
Owner
Ludwig Photo

It has certainly died down for me. Waiting to see how it is for the Blackberry when that is back up but based upon what I've seen (or not seen) in my inbox today it looks very good.
Casey Bader
VP of Sales
Handel IT

Has definitely gotten rid of a large amount of unwanted emails for everyone
Lisa Allard
Chief Operations Officer
Families in Transition

MX POLICE is a real time saver by decreasing spam and viruses it has increase productivity and has eliminated the time to manage a spam filtering appliances and servers.
Jonathan Dias
President
JDSCC Inc.

MX Police is working great for us. Many of us used to get over 200+ SPAM e-mails a day. Absolutely Wonderful Product.
Bob DeCrescenzo
Sr. Programmer Analyst
Numeric Computer Systems

Immediately I noticed the reduction in the amount of spam we were receiving.
Prior to installing the software our office employees were spending a great deal of time
every morning deleting the spam. The minimal monthly fee is well worth it and I would recommend this product highly.
Grace L. Palmer
Office Manager
The Chappy Corporation

Before getting MX Police our email accounts were getting plagued with spam. Now that we have moved to an exchange server + added MX Police, The spam has been "captured" and our staff does not have to deal with embarrassing offers or subject matter.
Denise Germano
IT Manager
Girl Scouts of Swift Water Council

I have been a customer of Lexan Systems for over a year, and all of their products and services have been fantastic. Their security consulting is by far the best our company has ever hired, and their hosting and email solutions are exceptional. The best though, is the customer support which exceeds any expectations.
Eli Portnoy
CEO
Emerging Demographics Inc.

I had the pleasure to partner with Christopher on a project for my current employer. I found Chris to be extremely well versed with the subject matter of the project. Chris is personable, easy to work with, an excellent teacher, a clear communicator, extremely intelligent.
Steve Moon
Information Technology Manager
Davis Vision Inc.

They have provided our Company with great customer service. We appreciate their efforts
Dan Gould
Technology Director
Guidance Tax Services